Re: [JDEV] iq:auth question

[Iain Shigeoka]

On 2/20/02 6:05 AM, "- zad -" <[EMAIL PROTECTED]> wrote:

> Could someone tell me why we are sending username in iq:auth If we are
> querying host as to what information is required ?
> 
> 
> 
>   juser
> 
> 

For zero-knowledge (0k) authentication the client must know what the current
sequence and token values are for the account in order to generate the
proper hash value.   In addition, the server may allow/require different
authentication protocols depending on the account you're using...  So:


  
joe_user
  


  
joe_user


  


  
joe_user
mypass
mobile_phone
  



Joe_user may authenticate using plain () or digest ()
authentication.  However we're stricter with the administrator account.


  
admin
  


  
admin
69
24ab423c323d323ac
  


  
admin
03923ad323fa13231424d
solaris_pop
  



-iain


_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] iq:auth question

[David Waite]

1. certain authentication types could be enabled or disabled per-user
2. an auth get returns tokens needed for authentication of that 
particular user (such as a 0k auth seed and count)

-David Waite

- zad - wrote:

>Could someone tell me why we are sending username in iq:auth If we are
>querying host as to what information is required ?
>
>
>  
>juser
>  
>
>
>zad
>
>___
>jdev mailing list
>[EMAIL PROTECTED]
>http://mailman.jabber.org/listinfo/jdev
>



___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] iq:auth question

[- zad -]

Could someone tell me why we are sending username in iq:auth If we are
querying host as to what information is required ?


  
juser
  


zad

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev